OAuth2 curl request returns 'The client credentials are invalid' for “grant_type = 'password'”


I am trying to get an access token for a user with credentials, who is registered in the DB, with OAuth2.
In my oauth_clients I have a valid client with 'client_id=myclientid', 'client_secret=myclientsecret', 'grant_types=password'.
In my oauth_users table I have a test user with 'username=Beno', 'password=aa888'.
I am sending data to 'http://myserver.com/token.php' like this:

    $ch = curl_init( 'http://myserver.com/token.php' );
    curl_setopt( $ch, CURLOPT_HEADER, true);
    curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt( $ch, CURLOPT_POST, true);
    curl_setopt( $ch, CURLOPT_POSTFIELDS, array(
        'client_id' => 'myclientid',
        'client_secret' => 'myclientsecret',
        'grant_type' => 'password',
        'username' => 'Beno',
        'password' => 'aa888',
        'u_id' => 53
    ) );
    $auth = curl_exec( $ch );

On token.php I have this:

    <?php
    if( file_exists("system/includes/autoload.php") ):
        require_once("system/includes/autoload.php");
    else:
        require_once("../system/includes/autoload.php");
    endif;
    require_once('oauth2-server-php/src/OAuth2/Autoloader.php');
    $dsn = 'mysql:dbname='.DATABASENAME.';host='.DBSERVERADDRESS.'';
    // error reporting (this is a demo, after all!)
    ini_set('display_errors',1);
    error_reporting(E_ALL);
    // Autoloading (composer is preferred, but for this example let's just do this)
    OAuth2\Autoloader::register();
    // $dsn is the Data Source Name for your database, for example "mysql:dbname=my_oauth2_db;host=localhost"
    $storage = new OAuth2\Storage\Pdo(array('dsn' => $dsn, 'username' => DBUSERNAME, 'password' => DBPASSWORD));
    // Pass a storage object or array of storage objects to the OAuth2 server class
    $server = new OAuth2\Server($storage);
    // Add the "Client Credentials" grant type (it is the simplest of the grant types)
    $server->addGrantType(new OAuth2\GrantType\ClientCredentials($storage));
    // Add the "Authorization Code" grant type (this is where the oauth magic happens)
    $server->addGrantType(new OAuth2\GrantType\AuthorizationCode($storage));
    $server->addGrantType(new OAuth2\GrantType\RefreshToken($storage));
    $username = IO::post('username');
    $password = IO::post('password');
    $user_id = IO::post('u_id');
    if ( ! empty( $username ) && ! empty( $password ) && ! empty( $user_id ) ){
        $users = array( $username => array('user_id'=> intval($user_id) ,'password' => $password));
        $clients = array($client_id => array('client_secret' => $client_secret));
        // create a storage object
        $storage = new OAuth2\Storage\Memory(array('user_credentials' => $users, 'client_credentials' => $clients));
        echo "<pre>";
        var_dump($storage);
        echo "</pre>";
        // create the grant type
        $grantType = new OAuth2\GrantType\UserCredentials($storage);
        // add the grant type to your OAuth server
        $server->addGrantType($grantType);
        // Handle a request for an OAuth2.0 Access Token and send the response to the client
        $response = new OAuth2\Response();
        $re = $server->handleTokenRequest(OAuth2\Request::createFromGlobals(),$response)->send();
        echo $re;
    }else{
        echo "no data";
    }

All data is in the DB as I have mentioned above. But when I get the response, it returns a 400 error:
{"error":"invalid_client","error_description":"The client credentials are invalid"}
Does anybody know what I am doing wrong?

Check how your authorization server receives client credentials.

You are presenting client credentials as form-post parameters, but your authorization server may expect client credentials to be embedded in the Authorization header (Basic Authentication). Read "RFC 6749, 2.3.1. Client Password" carefully. According to the specification, "The authorization server MUST support the HTTP Basic authentication scheme for authenticating clients that were issued a client password." Therefore, embedding client credentials in the Authorization header must work for any correct authorization server implementation.
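
The answer's suggestion as an added example (not part of the original question or answer): the same password-grant request with the client credentials moved out of the form body and into an HTTP Basic Authorization header, as RFC 6749 section 2.3.1 describes. The function names, the `https://` URL and the command-line argument are assumptions; the client, user and `u_id` values are the placeholders from the question.

```php
<?php
// Added example; values are the placeholders used in the question.

// RFC 6749 section 2.3.1: form-encode id and secret, join with ":", base64.
function clientAuthHeader(string $clientId, string $clientSecret): string
{
    // urlencode() is a no-op for the alphanumeric placeholder values used here.
    $pair = urlencode($clientId) . ':' . urlencode($clientSecret);
    return 'Authorization: Basic ' . base64_encode($pair);
}

// Password-grant body; the client credentials are deliberately absent from it.
function passwordGrantBody(string $username, string $password, array $extra = []): string
{
    // A string body makes cURL send application/x-www-form-urlencoded; an array
    // passed to CURLOPT_POSTFIELDS is sent as multipart/form-data instead.
    $fields = ['grant_type' => 'password', 'username' => $username, 'password' => $password];
    return http_build_query($fields + $extra);
}

// POST the request and return [HTTP status, decoded JSON body or null].
function requestToken(string $tokenUrl, string $authHeader, string $body): array
{
    $ch = curl_init($tokenUrl);
    curl_setopt_array($ch, [
        CURLOPT_POST           => true,
        CURLOPT_POSTFIELDS     => $body,
        CURLOPT_HTTPHEADER     => [$authHeader, 'Accept: application/json'],
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_PROTOCOLS      => CURLPROTO_HTTPS, // never send secrets over plain HTTP
    ]);
    $raw = curl_exec($ch);
    if ($raw === false) {
        throw new RuntimeException('Token request failed: ' . curl_error($ch));
    }
    return [curl_getinfo($ch, CURLINFO_HTTP_CODE), json_decode($raw, true)];
}

$header = clientAuthHeader('myclientid', 'myclientsecret');
$body   = passwordGrantBody('Beno', 'aa888', ['u_id' => 53]); // u_id: the question's custom field
echo $header, "\n", $body, "\n"; // the request that would be sent

// Assumption: the token URL is passed on the command line, e.g.
//   php token_client.php https://myserver.com/token.php
if (isset($argv[1])) {
    [$status, $json] = requestToken($argv[1], $header, $body);
    $outcome = isset($json['access_token']) ? 'access token issued' : ($json['error'] ?? 'unexpected response');
    echo $status, ' ', $outcome, "\n";
}
```

Run without an argument, the script only prints the header and body it would send, which is enough to compare against what the authorization server logs as received.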
